[1891] be sure to reject addNSEC3 attempt before begin transaction.

src/lib/datasrc/sqlite3_accessor.cc

@@ -1159,7 +1159,10 @@ void
 SQLite3Accessor::addNSEC3RecordToZone(
     const string (&columns)[ADD_NSEC3_COLUMN_COUNT])
 {
-    // TODO: no transaction case
+    if (!dbparameters_->updating_zone) {
+        isc_throw(DataSourceError, "adding NSEC3-related record to SQLite3 "
+                  "data source without transaction");
+    }
 
     // XXX: the current implementation of SQLite3 schema requires the 'owner'
     // column, and the current implementation of getAllRecords() relies on it,

src/lib/datasrc/tests/sqlite3_accessor_unittest.cc

@@ -1079,6 +1079,12 @@ TEST_F(SQLite3Update, duplicateAdd) {
 TEST_F(SQLite3Update, invalidAdd) {
     // An attempt of add before an explicit start of transaction
     EXPECT_THROW(accessor->addRecordToZone(add_columns), DataSourceError);
+
+    // Same for addNSEC3.
+    copy(nsec3_data, nsec3_data + DatabaseAccessor::ADD_NSEC3_COLUMN_COUNT,
+         add_nsec3_columns);
+    EXPECT_THROW(accessor->addNSEC3RecordToZone(add_nsec3_columns),
+                 DataSourceError);
 }
 
 TEST_F(SQLite3Update, deleteRecord) {